Merge remote-tracking branch 'upstream/master' into bypassuac_redo

Conflicts:
	lib/msf/core/post/windows/priv.rb
	modules/exploits/windows/local/bypassuac.rb

.rspec

@@ -1,2 +1,2 @@
 --color
---format documentation
+--format Fivemat

Gemfile

@@ -40,6 +40,8 @@ group :development, :test do
 	# Version 4.1.0 or newer is needed to support generate calls without the
 	# 'FactoryGirl.' in factory definitions syntax.
 	gem 'factory_girl', '>= 4.1.0'
+# Make rspec output shorter and more useful
+	gem 'fivemat', '1.2.1'
 	# running documentation generation tasks and rspec tasks
 	gem 'rake', '>= 10.0.0'
 end

Gemfile.lock

@@ -18,6 +18,7 @@ GEM
     diff-lcs (1.2.4)
     factory_girl (4.2.0)
       activesupport (>= 3.0.0)
+    fivemat (1.2.1)
     i18n (0.6.5)
     json (1.8.0)
     metasploit_data_models (0.16.6)
@@ -62,6 +63,7 @@ DEPENDENCIES
   activesupport (>= 3.0.0)
   database_cleaner
   factory_girl (>= 4.1.0)
+  fivemat (= 1.2.1)
   json
   metasploit_data_models (~> 0.16.6)
   msgpack

data/svn/auth/svn.ssl.server/19bdfeb3753b288b06b4205235b24238

@@ -1,13 +0,0 @@
-K 10
-ascii_cert
-V 1844
-MIIFYzCCBEugAwIBAgIHBHTfnZklJzANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5NjkyODcwHhcNMTAwMzE2MTIwOTU5WhcNMTMwNDAxMjIwMjI0WjBVMRcwFQYDVQQKEw5tZXRhc3Bsb2l0LmNvbTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcwFQYDVQQDEw5tZXRhc3Bsb2l0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+V3Vs8M+48CofjzH5KE3MA1CmfXhz2vweW3x27TKhZBxbLLxVOpnbFTxfc6gD1NmcRfBRyRuGNclkwnkfQZ4YbkXIJWCjov0OZNfYTNOQbDtdZPK9q94h9wHUQOkpXl1k+Xe8+gVqLilqcS1ikISUQVsKBYa18FaT/PyFEv00ZsewtehL6C9oXCm81HH2S/HBu+CW1TJ3X5Loivs24aR65dzsKFhG2tnzUxox0Rg2ixPUue8xAoTGquujmy/0aa6yeT1kswFTLncTL/GLxQggtah9ul50pYQWRLuTNOIYsjSS32zPs1ZOTN8RkDrdCmEWPUxrzgmUmNQzKDvHjVp8CAwEAAaOCAcAwggG8MA8GA1UdEwEB/wQFMAMBAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkczEtMTUuY3JsMFMGA1UdIARMMEowSAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZF9pbnRlcm1lZGlhdGUuY3J0MB8GA1UdIwQYMBaAFP2sYTKTbEXW4u6FX5q653aZaMznMC0GA1UdEQQmMCSCDm1ldGFzcGxvaXQuY29tghJ3d3cubWV0YXNwbG9pdC5jb20wHQYDVR0OBBYEFDkiSjDeC0NDm2ioUVerYRuLWtbyMA0GCSqGSIb3DQEBBQUAA4IBAQAgATMjfkj0zvvpTWSxVLUjtMTsei+lC8v79mTqM/+3DWZZj8Tc6xUyhxNreAW137WKiJxQSEnrdMzVxozp99iL4RYH1tVTukXV4XVkRbFrtAw7dCYV6dYbp4Ru4dy97CUBceUDCXQpC3t6CNU66RIg6UAa6MV7DmJrEUhNSAB5LqsY3oyhFcV5jT0QYGMC0XuUylzNBW4AWCnlMDysJhSJ75RHa9e76S6g8m4TWT3b02LCdunzcl1kq4cmH6xPr5X3U8CkV6YGBTQhltuNQMM5OBxga1lfCFa81hSSa3300f8YBhwMatloUgu5gzQh/o3nFDJL6CDh6/fCqZyI32r+
-K 8
-failures
-V 1
-8
-K 15
-svn:realmstring
-V 26
-https://metasploit.com:443
-END

data/svn/auth/svn.ssl.server/ae6796767fe833f43e1aac5614a3f229

@@ -1,13 +0,0 @@
-K 10
-ascii_cert
-V 1844
-MIIFYzCCBEugAwIBAgIHBHTfnZklJzANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5NjkyODcwHhcNMTAwMzE2MTIwOTU5WhcNMTMwNDAxMjIwMjI0WjBVMRcwFQYDVQQKEw5tZXRhc3Bsb2l0LmNvbTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcwFQYDVQQDEw5tZXRhc3Bsb2l0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+V3Vs8M+48CofjzH5KE3MA1CmfXhz2vweW3x27TKhZBxbLLxVOpnbFTxfc6gD1NmcRfBRyRuGNclkwnkfQZ4YbkXIJWCjov0OZNfYTNOQbDtdZPK9q94h9wHUQOkpXl1k+Xe8+gVqLilqcS1ikISUQVsKBYa18FaT/PyFEv00ZsewtehL6C9oXCm81HH2S/HBu+CW1TJ3X5Loivs24aR65dzsKFhG2tnzUxox0Rg2ixPUue8xAoTGquujmy/0aa6yeT1kswFTLncTL/GLxQggtah9ul50pYQWRLuTNOIYsjSS32zPs1ZOTN8RkDrdCmEWPUxrzgmUmNQzKDvHjVp8CAwEAAaOCAcAwggG8MA8GA1UdEwEB/wQFMAMBAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkczEtMTUuY3JsMFMGA1UdIARMMEowSAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZF9pbnRlcm1lZGlhdGUuY3J0MB8GA1UdIwQYMBaAFP2sYTKTbEXW4u6FX5q653aZaMznMC0GA1UdEQQmMCSCDm1ldGFzcGxvaXQuY29tghJ3d3cubWV0YXNwbG9pdC5jb20wHQYDVR0OBBYEFDkiSjDeC0NDm2ioUVerYRuLWtbyMA0GCSqGSIb3DQEBBQUAA4IBAQAgATMjfkj0zvvpTWSxVLUjtMTsei+lC8v79mTqM/+3DWZZj8Tc6xUyhxNreAW137WKiJxQSEnrdMzVxozp99iL4RYH1tVTukXV4XVkRbFrtAw7dCYV6dYbp4Ru4dy97CUBceUDCXQpC3t6CNU66RIg6UAa6MV7DmJrEUhNSAB5LqsY3oyhFcV5jT0QYGMC0XuUylzNBW4AWCnlMDysJhSJ75RHa9e76S6g8m4TWT3b02LCdunzcl1kq4cmH6xPr5X3U8CkV6YGBTQhltuNQMM5OBxga1lfCFa81hSSa3300f8YBhwMatloUgu5gzQh/o3nFDJL6CDh6/fCqZyI32r+
-K 8
-failures
-V 1
-8
-K 15
-svn:realmstring
-V 30
-https://www.metasploit.com:443
-END

data/wordlists/snmp_default_pass.txt

@@ -92,6 +92,7 @@ root
 router
 rw
 rwa
+s!a@m#n$p%c
 san-fran
 sanfran
 scotty

lib/msf/core/auxiliary/jtr.rb

@@ -32,7 +32,7 @@ module Auxiliary::JohnTheRipper
     )
 
     @run_path  = nil
-    @john_path = ::File.join(Msf::Config.install_root, "data", "john")
+    @john_path = ::File.join(Msf::Config.data_directory, "john")
 
     autodetect_platform
   end

lib/msf/core/auxiliary/mime_types.rb

@@ -23,7 +23,7 @@ module Auxiliary::MimeTypes
   end
 
   def mime_load_extension_map
-    path = File.join( Msf::Config.install_root, "data", "mime.yml")
+    path = File.join( Msf::Config.data_directory, "mime.yml")
     @extension_map = YAML.load_file(path)
   end
 

lib/msf/core/db.rb

@@ -41,6 +41,7 @@ require 'rex/parser/nexpose_simple_nokogiri'
 require 'rex/parser/nmap_nokogiri'
 require 'rex/parser/openvas_nokogiri'
 require 'rex/parser/wapiti_nokogiri'
+require 'rex/parser/outpost24_nokogiri'
 
 # Legacy XML parsers -- these will be converted some day
 require 'rex/parser/ip360_aspl_xml'
@@ -2926,7 +2927,7 @@ class DBManager
   # Returns one of: :nexpose_simplexml :nexpose_rawxml :nmap_xml :openvas_xml
   # :nessus_xml :nessus_xml_v2 :qualys_scan_xml, :qualys_asset_xml, :msf_xml :nessus_nbe :amap_mlog
   # :amap_log :ip_list, :msf_zip, :libpcap, :foundstone_xml, :acunetix_xml, :appscan_xml
-  # :burp_session, :ip360_xml_v3, :ip360_aspl_xml, :nikto_xml
+  # :burp_session, :ip360_xml_v3, :ip360_aspl_xml, :nikto_xml, :outpost24_xml
   # If there is no match, an error is raised instead.
   def import_filetype_detect(data)
 
@@ -3059,6 +3060,9 @@ class DBManager
             @import_filedata[:type] = "CI"
             return :ci_xml
           end
+        when "main"
+          @import_filedata[:type] = "Outpost24 XML"
+          return :outpost24_xml
         else
           # Give up if we haven't hit the root tag in the first few lines
           break if line_count > 10
@@ -3649,7 +3653,7 @@ class DBManager
     data = ::File.open(args[:filename], "rb") {|f| f.read(f.stat.size)}
     wspace = args[:wspace] || args['wspace'] || workspace
     bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
-    basedir = args[:basedir] || args['basedir'] || ::File.join(Msf::Config.install_root, "data", "msf")
+    basedir = args[:basedir] || args['basedir'] || ::File.join(Msf::Config.data_directory, "msf")
 
     allow_yaml = false
     btag = nil
@@ -5923,6 +5927,36 @@ class DBManager
     parser.parse(args[:data])
   end
 
+  def import_outpost24_xml(args={}, &block)
+    bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
+    wspace = args[:wspace] || workspace
+    if Rex::Parser.nokogiri_loaded
+      parser = "Nokogiri v#{::Nokogiri::VERSION}"
+      noko_args = args.dup
+      noko_args[:blacklist] = bl
+      noko_args[:wspace] = wspace
+      if block
+        yield(:parser, parser)
+        import_outpost24_noko_stream(noko_args) {|type, data| yield type,data}
+      else
+        import_outpost24_noko_stream(noko_args)
+      end
+      return true
+    else # Sorry
+      raise DBImportError.new("Could not import due to missing Nokogiri parser. Try 'gem install nokogiri'.")
+    end
+  end
+
+  def import_outpost24_noko_stream(args={},&block)
+    if block
+      doc = Rex::Parser::Outpost24Document.new(args,framework.db) {|type, data| yield type,data }
+    else
+      doc = Rex::Parser::Outpost24Document.new(args,self)
+    end
+    parser = ::Nokogiri::XML::SAX::Parser.new(doc)
+    parser.parse(args[:data])
+  end
+
 
   def unserialize_object(xml_elem, allow_yaml = false)
     return nil unless xml_elem

lib/msf/core/exploit/cmdstager_debug_asm.rb

@@ -19,7 +19,7 @@ module Exploit::CmdStagerDebugAsm
     register_advanced_options(
       [
         OptString.new( 'DECODERSTUB',  [ true, 'The debug.exe assembly listing decoder stub to use.',
-          File.join(Msf::Config.install_root, "data", "exploits", "cmdstager", "debug_asm")]),
+          File.join(Msf::Config.data_directory, "exploits", "cmdstager", "debug_asm")]),
       ], self.class)
   end
 

lib/msf/core/exploit/cmdstager_debug_write.rb

@@ -19,7 +19,7 @@ module Exploit::CmdStagerDebugWrite
     register_advanced_options(
       [
         OptString.new( 'DECODERSTUB',  [ true, 'The debug.exe file-writing decoder stub to use.',
-          File.join(Msf::Config.install_root, "data", "exploits", "cmdstager", "debug_write")]),
+          File.join(Msf::Config.data_directory, "exploits", "cmdstager", "debug_write")]),
       ], self.class)
   end
 

lib/msf/core/exploit/cmdstager_vbs.rb

@@ -19,7 +19,7 @@ module Exploit::CmdStagerVBS
     register_advanced_options(
       [
         OptString.new( 'DECODERSTUB',  [ true, 'The VBS base64 file decoder stub to use.',
-          File.join(Msf::Config.install_root, "data", "exploits", "cmdstager", "vbs_b64")]),
+          File.join(Msf::Config.data_directory, "exploits", "cmdstager", "vbs_b64")]),
       ], self.class)
   end
 

lib/msf/core/exploit/cmdstager_vbs_adodb.rb

@@ -19,7 +19,7 @@ module Exploit::CmdStagerVBS::ADODB
     register_advanced_options(
       [
         OptString.new( 'DECODERSTUB',  [ true, 'The VBS base64 file decoder stub to use.',
-          File.join(Msf::Config.install_root, "data", "exploits", "cmdstager", "vbs_b64_adodb")]),
+          File.join(Msf::Config.data_directory, "exploits", "cmdstager", "vbs_b64_adodb")]),
       ], self.class)
   end
 

lib/msf/core/exploit/file_dropper.rb

@@ -47,19 +47,18 @@ module Exploit::FileDropper
           false
         end
       else
-        cmds = [
+        win_cmds = [
             %Q|attrib.exe -r "#{win_file}"|,
-            %Q|del.exe /f /q "#{win_file}"|,
+            %Q|del.exe /f /q "#{win_file}"|
-            %Q|rm -f "#{file}" >/dev/null|,
         ]
-
         # We need to be platform-independent here. Since we can't be
         # certain that {#target} is accurate because exploits with
         # automatic targets frequently change it, we just go ahead and
         # run both a windows and a unixy command in the same line. One
         # of them will definitely fail and the other will probably
         # succeed. Doing it this way saves us an extra round-trip.
-        session.shell_command_token(cmds.join(" ; "))
+        # Trick shared by @mihi42
+        session.shell_command_token("rm -f \"#{file}\" >/dev/null ; echo ' & #{win_cmds.join(" & ")} & echo \" ' >/dev/null")
         print_good("Deleted #{file}")
         true
       end

lib/msf/core/exploit/http/server.rb

@@ -4,6 +4,7 @@ require 'rex/exploitation/obfuscatejs'
 require 'rex/exploitation/encryptjs'
 require 'rex/exploitation/heaplib'
 require 'rex/exploitation/javascriptosdetect'
+require 'rex/exploitation/javascriptaddonsdetect'
 
 module Msf
 

lib/msf/core/exploit/java.rb

@@ -51,7 +51,7 @@ module Exploit::Java
 
     # Instantiate the JVM with a classpath pointing to the JDK tools.jar
     # and our javatoolkit jar.
-    classpath  = File.join(Msf::Config.install_root, "data", "exploits", "msfJavaToolkit.jar")
+    classpath  = File.join(Msf::Config.data_directory, "exploits", "msfJavaToolkit.jar")
     classpath += ":" + toolsjar
     classpath += ":" + datastore['ADDCLASSPATH'] if datastore['ADDCLASSPATH']
 

lib/msf/core/exploit/mssql.rb

@@ -75,7 +75,7 @@ module Exploit::Remote::MSSQL
     register_advanced_options(
       [
         OptPath.new('HEX2BINARY',   [ false, "The path to the hex2binary script on the disk",
-          File.join(Msf::Config.install_root, "data", "exploits", "mssql", "h2b")
+          File.join(Msf::Config.data_directory, "exploits", "mssql", "h2b")
         ]),
         OptString.new('DOMAIN', [ true, 'The domain to use for windows authentication', 'WORKSTATION'])
       ], Msf::Exploit::Remote::MSSQL)

lib/msf/core/exploit/mssql_sqli.rb

@@ -34,7 +34,7 @@ module Exploit::Remote::MSSQL_SQLI
     register_advanced_options(
       [
         OptPath.new('HEX2BINARY',   [ false, "The path to the hex2binary script on the disk",
-          File.join(Msf::Config.install_root, "data", "exploits", "mssql", "h2b")
+          File.join(Msf::Config.data_directory, "exploits", "mssql", "h2b")
         ])
       ], Msf::Exploit::Remote::MSSQL_SQLI)
 

lib/msf/core/exploit/mysql.rb

@@ -150,7 +150,7 @@ module Exploit::Remote::MYSQL
 
   def mysql_upload_sys_udf(arch=:win32,target_path=nil)
     fname = (arch == :win32 ? "lib_mysqludf_sys_32.dll" : "lib_mysqludf_sys_64.dll")
-    sys_dll = File.join( Msf::Config.install_root, "data", "exploits", "mysql", fname )
+    sys_dll = File.join( Msf::Config.data_directory, "exploits", "mysql", fname )
     data = File.open(sys_dll, "rb") {|f| f.read f.stat.size}
     blob = "0x"
     blob << data.unpack("C*").map {|x| "%02x" % [x]}.join

lib/msf/core/exploit/powershell.rb

@@ -116,7 +116,7 @@ module Exploit::Powershell
 
     ps_wrapper = <<EOS
 $si = New-Object System.Diagnostics.ProcessStartInfo
-$si.FileName = "#{ps_bin}"
+$si.FileName = #{ps_bin}
 $si.Arguments = '#{ps_args}'
 $si.UseShellExecute = $false
 $si.RedirectStandardOutput = $true
@@ -146,11 +146,11 @@ EOS
       psh_payload << "while(1){Start-Sleep -s #{sleep_time};#{fun_name};1};"
     end
     # Determine appropriate architecture
-    ps_bin = wow64 ? '$env:windir\syswow64\WindowsPowerShell\v1.0\powershell.exe' : 'powershell.exe'
+    ps_bin = wow64 ? '$env:windir+\'\syswow64\WindowsPowerShell\v1.0\powershell.exe\'' : '\'powershell.exe\''
     # Wrap in hidden runtime
     psh_payload = run_hidden_psh(psh_payload,ps_bin)
     # Convert to base64 for -encodedcommand execution
-    command = "%COMSPEC% /B /C start powershell.exe -Command \"#{psh_payload.gsub("\n",';').gsub('"','\"')}\"\r\n"
+    command = "%COMSPEC% /B /C start powershell.exe -Command #{psh_payload.gsub("\n",';').gsub('"','\"')}\r\n"
   end
 
   #

lib/msf/core/exploit/sunrpc.rb

@@ -150,7 +150,7 @@ module Exploit::Remote::SunRPC
   end
 
   def progresolv(number)
-    names = File.join(Msf::Config.install_root, "data", "wordlists", "rpc_names.txt")
+    names = File.join(Msf::Config.data_directory, "wordlists", "rpc_names.txt")
     File.open(names, "rb").each_line do |line|
       next if line.empty? || line =~ /^\s*#/
 

lib/msf/core/module/reference.rb

@@ -112,6 +112,8 @@ class Msf::Module::SiteReference < Msf::Module::Reference
       self.site = 'http://www.kb.cert.org/vuls/id/' + in_ctx_val.to_s
     elsif (in_ctx_id == 'BPS')
       self.site = 'https://strikecenter.bpointsys.com/bps/advisory/BPS-' + in_ctx_val.to_s
+    elsif (in_ctx_id == 'ZDI')
+      self.site = 'http://www.zerodayinitiative.com/advisories/ZDI-' + in_ctx_val.to_s
     elsif (in_ctx_id == 'URL')
       self.site = in_ctx_val.to_s
     else

lib/msf/core/post/windows/priv.rb

@@ -1,25 +1,30 @@
 # -*- coding: binary -*-
 
 require 'msf/core/post/windows/accounts'
+require 'msf/core/post/windows/registry'
 
 module Msf::Post::Windows::Priv
   include ::Msf::Post::Windows::Accounts
+  include Msf::Post::Windows::Registry
 
-  LowIntegrityLevel = 'S-1-16-4096'
+  INTEGRITY_LEVEL_SID = {
-  MediumIntegrityLevel =  'S-1-16-8192'
+      :low => 'S-1-16-4096',
-  HighIntegrityLevel = 'S-1-16-12288'
+      :medium => 'S-1-16-8192',
-  SystemIntegrityLevel = 'S-1-16-16384'
+      :high => 'S-1-16-12288',
+      :system => 'S-1-16-16384'
+  }
 
-  Administrators = 'S-1-5-32-544'
+  SYSTEM_SID = 'S-1-5-18'
+  ADMINISTRATORS_SID = 'S-1-5-32-544'
 
   # http://technet.microsoft.com/en-us/library/dd835564(v=ws.10).aspx
   # ConsentPromptBehaviorAdmin
-  UACNoPrompt = 0
+  UAC_NO_PROMPT = 0
-  UACPromptCredsIfSecureDesktop = 1
+  UAC_PROMPT_CREDS_IF_SECURE_DESKTOP = 1
-  UACPromptConsentIfSecureDesktop = 2
+  UAC_PROMPT_CONSENT_IF_SECURE_DESKTOP = 2
-  UACPromptCreds = 3
+  UAC_PROMPT_CREDS = 3
-  UACPromptConsent = 4
+  UAC_PROMPT_CONSENT = 4
-  UACDefault = 5
+  UAC_DEFAULT = 5
 
   #
   # Returns true if user is admin and false if not.
@@ -29,12 +34,11 @@ module Msf::Post::Windows::Priv
       # Assume true if the OS doesn't expose this (Windows 2000)
       session.railgun.shell32.IsUserAnAdmin()["return"] rescue true
     else
-      cmd = "cmd.exe /c reg query HKU\\S-1-5-19"
+      local_service_key = registry_enumkeys('HKU\S-1-5-19')
-      results = session.shell_command_token_win32(cmd)
+      if local_service_key
-      if results =~ /Error/
-        return false
-      else
         return true
+      else
+        return false
       end
     end
   end
@@ -48,7 +52,7 @@ module Msf::Post::Windows::Priv
     if whoami.nil?
       print_error("Unable to identify admin group membership")
       return nil
-    elsif whoami.include? Administrators
+    elsif whoami.include? ADMINISTRATORS_SID
       return true
     else
       return false
@@ -60,19 +64,18 @@ module Msf::Post::Windows::Priv
   #
   def is_system?
     if session_has_ext
-      local_sys = resolve_sid("S-1-5-18")
+      local_sys = resolve_sid(SYSTEM_SID)
       if session.sys.config.getuid == "#{local_sys[:domain]}\\#{local_sys[:name]}"
         return true
       else
         return false
       end
     else
-      cmd = "cmd.exe /c reg query HKLM\\SAM\\SAM"
+      results = registry_enumkeys('HKLM\SAM\SAM')
-      results = session.shell_command_token_win32(cmd)
+      if results
-      if results =~ /Error/
-        return false
-      else
         return true
+      else
+        return false
       end
     end
   end
@@ -90,15 +93,13 @@ module Msf::Post::Windows::Priv
     if winversion =~ /Windows (Vista|7|8|2008)/
       unless is_system?
         begin
-          key = session.sys.registry.open_key(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System',KEY_READ)
+          enable_lua = registry_getvaldata(
-
+              'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System',
-          if key.query_value('EnableLUA').data == 1
+              'EnableLUA'
-            uac = true
+          )
-          end
+          uac = (enable_lua == 1)
-
+        rescue Rex::Post::Meterpreter::RequestError => e
-          key.close
+          print_error("Error Checking if UAC is Enabled: #{e.class} #{e}")
-        rescue::Exception => e
-          print_error("Error Checking UAC: #{e.class} #{e}")
         end
       end
     end
@@ -108,19 +109,24 @@ module Msf::Post::Windows::Priv
   #
   # Returns the UAC Level
   #
+  # @see http://technet.microsoft.com/en-us/library/dd835564(v=ws.10).aspx
   # 2 - Always Notify, 5 - Default, 0 - Disabled
   #
   def get_uac_level
     begin
-      open_key = session.sys.registry.open_key(
+      uac_level = registry_getvaldata(
-          HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System',
+          'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System',
-          KEY_READ
+          'ConsentPromptBehaviorAdmin'
       )
-      uac_level = open_key.query_value('ConsentPromptBehaviorAdmin')
+    rescue Rex::Post::Meterpreter::RequestError => e
-    rescue Exception => e
+      print_error("Error Checking UAC Level: #{e.class} #{e}")
-      print_error("Error Checking UAC: #{e.class} #{e}")
+    end
+
+    if uac_level
+      return uac_level
+    else
+      return nil
     end
-    return uac_level.data
   end
 
   #
@@ -132,14 +138,12 @@ module Msf::Post::Windows::Priv
     if whoami.nil?
       print_error("Unable to identify integrity level")
       return nil
-    elsif whoami.include? LowIntegrityLevel
+    else
-      return LowIntegrityLevel
+      INTEGRITY_LEVEL_SID.each_pair do |k,sid|
-    elsif whoami.include? MediumIntegrityLevel
+        if whoami.include? sid
-      return MediumIntegrityLevel
+          return sid
-    elsif whoami.include? HighIntegrityLevel
+        end
-      return HighIntegrityLevel
+      end
-    elsif whoami.include? SystemIntegrityLevel
-      return SystemIntegrityLevel
     end
   end
 
@@ -149,7 +153,7 @@ module Msf::Post::Windows::Priv
   # Returns nil if Windows whoami is not available
   #
   def get_whoami
-    whoami = cmd_exec('cmd /c whoami /groups')
+    whoami = cmd_exec('cmd.exe /c whoami /groups')
 
     if whoami.nil? or whoami.empty?
       return nil

lib/rex/exploitation/javascriptaddonsdetect.js

@@ -0,0 +1,51 @@
+window.addons_detect = { };
+
+/**
+ * Returns the version of Microsoft Office. If not found, returns null.
+ **/
+window.addons_detect.getMsOfficeVersion = function () {
+  var version;
+  var types = new Array();
+  for (var i=1; i <= 5; i++) {
+    try {
+      types[i-1] = typeof(new ActiveXObject("SharePoint.OpenDocuments." + i.toString()));
+    }
+    catch (e) {
+      types[i-1] = null;
+    }
+  }
+
+  if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+      types[3] == 'object' && types[4] == 'object')
+  {
+    version = "2012";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+           types[3] == 'object' && types[4] == null)
+  {
+    version = "2010";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == 'object' &&
+           types[3] == null && types[4] == null)
+  {
+    version = "2007";
+  }
+  else if (types[0] == 'object' && types[1] == 'object' && types[2] == null &&
+           types[3] == null && types[4] == null)
+  {
+    version = "2003";
+  }
+  else if (types[0] == 'object' && types[1] == null && types[2] == null &&
+           types[3] == null && types[4] == null)
+  {
+    // If run for the first time, you must manullay allow the "Microsoft Office XP"
+    // add-on to run. However, this prompt won't show because the ActiveXObject statement
+    // is wrapped in an exception handler.
+    version = "xp";
+  }
+  else {
+    version = null;
+  }
+
+  return version;
+}

lib/rex/exploitation/javascriptaddonsdetect.rb

@@ -0,0 +1,29 @@
+# -*- coding: binary -*-
+
+require 'msf/core'
+require 'rex/text'
+require 'rex/exploitation/jsobfu'
+
+module Rex
+module Exploitation
+
+#
+# Provides javascript functions to determine addon information.
+#
+# getMsOfficeVersion(): Returns the version for Microsoft Office
+#
+class JavascriptAddonsDetect < JSObfu
+
+  def initialize(custom_js = '', opts = {})
+    @js = custom_js
+    @js += ::File.read(::File.join(::File.dirname(__FILE__), "javascriptaddonsdetect.js"))
+
+    super @js
+
+    return @js
+  end
+
+end
+end
+
+end

lib/rex/exploitation/javascriptosdetect.js

@@ -52,6 +52,13 @@ window.os_detect.getVersion = function(){
 		return d.style[propCamelCase] === css;
 	}
 
+	var input_type_is_valid = function(input_type) {
+		if (!document.createElement) return false;
+		var input = document.createElement('input');
+		input.setAttribute('type', input_type);
+		return input.type == input_type;
+	}
+
 	//--
 	// Client
 	//--
@@ -203,7 +210,13 @@ window.os_detect.getVersion = function(){
 		// Thanks to developer.mozilla.org "Firefox for developers" series for most
 		// of these.
 		// Release changelogs: http://www.mozilla.org/en-US/firefox/releases/
-		if ('HTMLTimeElement' in window) {
+		if ('DeviceStorage' in window && window.DeviceStorage &&
+				'default' in window.DeviceStorage.prototype) {
+			// https://bugzilla.mozilla.org/show_bug.cgi?id=874213
+			ua_version = '24.0'
+		} else if (input_type_is_valid('range')) {
+			ua_version = '23.0'
+		} else if ('HTMLTimeElement' in window) {
 			ua_version = '22.0'
 		} else if ('createElement' in document &&
 		           document.createElement('main') &&

lib/rex/parser/outpost24_nokogiri.rb

@@ -0,0 +1,239 @@
+require "rex/parser/nokogiri_doc_mixin"
+
+module Rex
+module Parser
+
+load_nokogiri && class Outpost24Document < Nokogiri::XML::SAX::Document
+
+  include NokogiriDocMixin
+
+  def start_element(name, attrs)
+    @state[:current_tag][name] = true
+    case name
+    when "description", "information"
+      return unless in_tag("detaillist")
+      return unless in_tag("detail")
+      record_text
+    when "detail"
+      return unless in_tag("detaillist")
+      record_vuln
+    when "detaillist"
+      record_vulns
+    when "host"
+      return unless in_tag("hostlist")
+      record_host
+    when "hostlist"
+      record_hosts
+    when "id"
+      return unless in_tag("detaillist")
+      return unless in_tag("detail")
+      return unless in_tag("cve")
+      record_text
+    when "name"
+      return unless in_tag("hostlist") || in_tag("detaillist")
+      return unless in_tag("host") || in_tag("detail")
+      record_text
+    when "platform"
+      return unless in_tag("hostlist")
+      return unless in_tag("host")
+      record_text
+    when "portinfo"
+      return unless in_tag("portlist")
+      return unless in_tag("portlist-host")
+      record_service
+    when "portlist"
+      record_services
+    when "portnumber", "protocol", "service"
+      return unless in_tag("portlist")
+      return unless in_tag("portlist-host")
+      return unless in_tag("portinfo")
+      record_text
+    when "report", "ip"
+      record_text
+    end
+  end
+
+  def end_element(name)
+    case name
+    when "description", "information"
+      return unless in_tag("detaillist")
+      return unless in_tag("detail")
+      collect_vuln_data(name)
+    when "detail"
+      return unless in_tag("detaillist")
+      collect_vuln
+    when "detaillist"
+      report_vulns
+    when "host"
+      return unless in_tag("hostlist")
+      collect_host
+    when "hostlist"
+      report_hosts
+    when "id"
+      return unless in_tag("detaillist")
+      return unless in_tag("detail")
+      return unless in_tag("cve")
+      collect_vuln_data(name)
+    when "ip"
+      collect_ip
+    when "name"
+      if in_tag("hostlist") && in_tag("host")
+        collect_host_data(name)
+      elsif in_tag("detaillist") && in_tag("detail")
+        collect_vuln_data(name)
+      end
+    when "platform"
+      return unless in_tag("hostlist")
+      return unless in_tag("host")
+      collect_host_data(name)
+    when "portinfo"
+      return unless in_tag("portlist")
+      return unless in_tag("portlist-host")
+      collect_service
+    when "portlist"
+      report_services
+    when "portnumber", "protocol", "service"
+      return unless in_tag("portlist")
+      return unless in_tag("portlist-host")
+      return unless in_tag("portinfo")
+      collect_service_data(name)
+    when "report"
+      collect_product
+    end
+    @state[:current_tag].delete(name)
+  end
+
+  def record_hosts
+    @report_data[:hosts] = []
+  end
+
+  def record_services
+    @report_data[:services] = []
+  end
+
+  def record_vulns
+    @report_data[:vulns] = []
+  end
+
+  def record_host
+    @host = {}
+  end
+
+  def record_service
+    @service = {}
+  end
+
+  def record_vuln
+    @vuln = {}
+    @refs = []
+  end
+
+  def record_text
+    @state[:has_text] = true
+  end
+
+  def collect_host
+    @host[:host] = @state[:host]
+    @host[:name] = @state[:hname]
+    @host[:os_name] = @state[:os_name]
+    @host[:info] = @state[:pinfo]
+    @report_data[:hosts] << @host
+  end
+
+  def collect_service
+    @service[:host] = @state[:host]
+    @service[:port] = @state[:port]
+    @service[:proto] = @state[:proto]
+    @service[:name] = @state[:sname]
+    @service[:info] = @state[:pinfo]
+    @report_data[:services] << @service
+  end
+
+  def collect_vuln
+    @vuln[:host] = @state[:host]
+    @vuln[:name] = @state[:vname]
+    @vuln[:info] = @state[:vinfo]
+    @vuln[:refs] = @refs
+    @report_data[:vulns] << @vuln
+  end
+
+  def collect_product
+    @state[:has_text] = false
+    @state[:pinfo] = @text.strip if @text
+    @text = nil
+  end
+
+  def collect_ip
+    @state[:has_text] = false
+    @state[:host] = @text.strip if @text
+    @text = nil
+  end
+
+  def collect_host_data(name)
+    @state[:has_text] = false
+    if name == "name"
+      @state[:hname] = @text.strip if @text
+    elsif name == "platform"
+      if @text
+        @state[:os_name] = @text.strip
+      else
+        @state[:os_name] = Msf::OperatingSystems::UNKNOWN
+      end
+    end
+    @text = nil
+  end
+
+  def collect_service_data(name)
+    @state[:has_text] = false
+    if name == "portnumber"
+      @state[:port] = @text.strip if @text
+    elsif name == "protocol"
+      @state[:proto] = @text.strip.downcase if @text
+    elsif name == "service"
+      @state[:sname] = @text.strip if @text
+    end
+    @text = nil
+  end
+
+  def collect_vuln_data(name)
+    @state[:has_text] = false
+    if name == "name"
+      @state[:vname] = @text.strip if @text
+    elsif name == "description"
+      @state[:vinfo] = @text.strip if @text
+    elsif name == "information"
+      @state[:vinfo] << " #{@text.strip if @text}"
+    elsif name == "id"
+      @state[:ref] = @text.strip if @text
+      @refs << normalize_ref("CVE", @state[:ref])
+    end
+    @text = nil
+  end
+
+  def report_hosts
+    block = @block
+    @report_data[:hosts].each do |h|
+      db.emit(:address, h[:host], &block) if block
+      db_report(:host, h)
+    end
+  end
+
+  def report_services
+    block = @block
+    @report_data[:services].each do |s|
+      db.emit(:service, "#{s[:host]}:#{s[:port]}/#{s[:proto]}", &block) if block
+      db_report(:service, s)
+    end
+  end
+
+  def report_vulns
+    block = @block
+    @report_data[:vulns].each do |v|
+      db.emit(:vuln, ["#{v[:name]} (#{v[:host]})", 1], &block) if block
+      db_report(:vuln, v)
+    end
+  end
+
+end
+end
+end

lib/rex/post/meterpreter/extensions/mimikatz/mimikatz.rb

@@ -34,14 +34,18 @@ class Mimikatz < Extension
       ])
   end
 
-  def send_custom_command(function, args=[])
+  def send_custom_command_raw(function, args=[])
     request = Packet.create_request('mimikatz_custom_command')
     request.add_tlv(TLV_TYPE_MIMIKATZ_FUNCTION, function)
     args.each do |a|
       request.add_tlv(TLV_TYPE_MIMIKATZ_ARGUMENT, a)
     end
     response = client.send_request(request)
-    return Rex::Text.to_ascii(response.get_tlv_value(TLV_TYPE_MIMIKATZ_RESULT))
+    return response.get_tlv_value(TLV_TYPE_MIMIKATZ_RESULT)
+  end
+
+  def send_custom_command(function, args=[])
+    return Rex::Text.to_ascii(send_custom_command_raw(function, args))
   end
 
   def parse_creds_result(result)
@@ -63,11 +67,18 @@ class Mimikatz < Extension
   def parse_ssp_result(result)
     details = CSV.parse(result)
     accounts = []
+
+    return accounts unless details
     details.each do |acc|
+      next unless acc.length == 5
       ssps = acc[4].split(' }')
+      next unless ssps
       ssps.each do |ssp|
+        next unless ssp
         s_acc = ssp.split(' ; ')
+        next unless s_acc
         user = s_acc[0].split('{ ')[1]
+        next unless user
         account = {
           :authid => acc[0],
           :package => acc[1],

lib/rex/post/meterpreter/ui/console/command_dispatcher/mimikatz.rb

@@ -106,7 +106,7 @@ class Console::CommandDispatcher::Mimikatz
     )
 
     accounts.each do |acc|
-      table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password]]
+      table << [acc[:authid], acc[:package], acc[:domain], acc[:user],  acc[:password].gsub("\n","")]
     end
 
     print_line table.to_s

lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb

@@ -236,7 +236,15 @@ class Console::CommandDispatcher::Stdapi::Sys
     when /win/
       path = client.fs.file.expand_path("%COMSPEC%")
       path = (path and not path.empty?) ? path : "cmd.exe"
+
+      # attempt the shell with thread impersonation
+      begin
         cmd_execute("-f", path, "-c", "-H", "-i", "-t")
+      rescue
+        # if this fails, then we attempt without impersonation
+        print_error( "Failed to spawn shell with thread impersonation. Retrying without it." )
+        cmd_execute("-f", path, "-c", "-H", "-i")
+      end
     when /linux/
       # Don't expand_path() this because it's literal anyway
       path = "/bin/sh"

modules/auxiliary/admin/2wire/xslt_password_reset.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/backupexec/dump.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/backupexec/registry.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/cisco/cisco_secure_acs_bypass.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/db2/db2rcmd.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/edirectory/edirectory_edirutil.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/hp/hp_data_protector_cmd.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# Framework web site for more information on licensing and terms of use.
-#   http://metasploit.com/framework/
 ##
 
 require 'msf/core'
@@ -34,7 +32,7 @@ class Metasploit3 < Msf::Auxiliary
         [
           [ 'CVE', '2011-0923' ],
           [ 'OSVDB', '72526' ],
-          [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-11-055/' ],
+          [ 'ZDI', '11-055' ],
           [ 'URL', 'http://c4an-dl.blogspot.com/hp-data-protector-vuln.html' ],
           [ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux' ]
         ],

modules/auxiliary/admin/http/axigen_file_access.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/contentkeeper_fileaccess.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/http/iis_auth_bypass.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# Framework web site for more information on licensing and terms of use.
-#   http://metasploit.com/framework/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/intersil_pass_reset.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/http/jboss_seam_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/mutiny_frontend_read_delete.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/nexpose_xxe_file_read.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/novell_file_reporter_filedelete.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/rails_devise_pass_reset.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/scrutinizer_add_user.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# Framework web site for more information on licensing and terms of use.
-#   http://metasploit.com/framework/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/sophos_wpa_traversal.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'uri'

modules/auxiliary/admin/http/tomcat_administration.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/tomcat_utf8_traversal.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -42,7 +40,7 @@ class Metasploit3 < Msf::Auxiliary
       [
         Opt::RPORT(8080),
         OptPath.new('SENSITIVE_FILES',  [ true, "File containing senstive files, one per line",
-          File.join(Msf::Config.install_root, "data", "wordlists", "sensitive_files.txt") ]),
+          File.join(Msf::Config.data_directory, "wordlists", "sensitive_files.txt") ]),
         OptInt.new('MAXDIRS', [ true, 'The maximum directory depth to search', 7]),
       ], self.class)
   end

modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -43,7 +41,7 @@ class Metasploit3 < Msf::Auxiliary
         Opt::RPORT(8443),
         OptBool.new('SSL', [true, 'Use SSL', true]),
         OptPath.new('SENSITIVE_FILES', [ true, "File containing senstive files, one per line",
-        File.join(Msf::Config.install_root, "data", "wordlists", "sensitive_files.txt") ]),
+        File.join(Msf::Config.data_directory, "wordlists", "sensitive_files.txt") ]),
       ], self.class)
   end
 

modules/auxiliary/admin/http/typo3_sa_2009_001.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/typo3_sa_2009_002.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/typo3_sa_2010_020.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/typo3_winstaller_default_enc_keys.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -28,7 +26,8 @@ class Metasploit3 < Msf::Auxiliary
       'License'        => MSF_LICENSE,
       'References'     =>
         [
-          [ 'URL', 'http://www.net-security.org/secworld.php?id=15743' ],
+          [ 'URL', 'http://blog.imperva.com/2013/10/threat-advisory-a-vbulletin-exploit-administrator-injection.html'],
+          [ 'OSVDB', '98370' ],
           [ 'URL', 'http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5']
         ],
       'DisclosureDate' => 'Oct 09 2013'))

modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/misc/wol.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# Framework web site for more information on licensing and terms of use.
-#   http://metasploit.com/framework/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/motorola/wr850g_cred.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/ms/ms08_059_his2006.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_enum.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_findandsampledata.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_idf.rb

@@ -8,10 +8,8 @@
 ##
 
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_ntlm_stealer.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_ntlm_stealer_sqli.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_sql.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mssql/mssql_sql_file.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mysql/mysql_enum.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/mysql/mysql_sql.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 

modules/auxiliary/admin/natpmp/natpmp_map.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/officescan/tmlisten_traversal.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/ora_ntlm_stealer.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/oracle_login.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/oracle_sql.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/oraenum.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -657,7 +655,7 @@ class Metasploit3 < Msf::Auxiliary
           FROM sys.user$
           where password != 'null' and  type# = 1
         |
-        ordfltpss = "#{File.join(Msf::Config.install_root, "data", "wordlists", "oracle_default_hashes.txt")}"
+        ordfltpss = "#{File.join(Msf::Config.data_directory, "wordlists", "oracle_default_hashes.txt")}"
         returnedstring = prepare_exec(query)
         accts = {}
         returnedstring.each do |record|

modules/auxiliary/admin/oracle/osb_execqr.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -24,7 +22,7 @@ class Metasploit3 < Msf::Auxiliary
           [ 'CVE', '2008-5448' ],
           [ 'OSVDB', '51342' ],
           [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html' ],
-          [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-003' ],
+          [ 'ZDI', '09-003' ],
         ],
       'DisclosureDate' => 'Jan 14 2009'))
 

modules/auxiliary/admin/oracle/osb_execqr2.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -28,8 +26,8 @@ class Metasploit3 < Msf::Auxiliary
           [ 'OSVDB', '55903' ],
           [ 'CVE', '2009-1978' ],
           [ 'OSVDB', '55904' ],
-          [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-058' ],
+          [ 'ZDI', '09-058' ],
-          [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-059' ],
+          [ 'ZDI', '09-059' ],
         ],
       'DisclosureDate' => 'Aug 18 2009'))
 

modules/auxiliary/admin/oracle/osb_execqr3.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'
@@ -26,7 +24,7 @@ class Metasploit3 < Msf::Auxiliary
         [
           [ 'CVE', '2010-0904' ],
           [ 'OSVDB', '66338'],
-          [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-10-118' ],
+          [ 'ZDI', '10-118' ],
         ],
       'DisclosureDate' => 'Jul 13 2010'))
 

modules/auxiliary/admin/oracle/post_exploitation/win32exec.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/post_exploitation/win32upload.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/sid_brute.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/oracle/tnscmd.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##
 
 require 'msf/core'

modules/auxiliary/admin/pop2/uw_fileretrieval.rb

@@ -1,8 +1,6 @@
 ##
-# This file is part of the Metasploit Framework and may be subject to
+# This module requires Metasploit: http//metasploit.com/download
-# redistribution and commercial restrictions. Please see the Metasploit
+# Current source: https://github.com/rapid7/metasploit-framework
-# web site for more information on licensing and terms of use.
-#   http://metasploit.com/
 ##